A security exploit has been found in the photo-sharing app, Instagram.
The loophole could allow hackers to breach and steal user account details from the Facebook-owned company.
The exploit was revealed when it became evident that certain cookies were being sent in plain-text rather than through a secured channel.
Computerworld reported that, when the Instagram app is loaded, a plain-text cookie is sent to the servers. If a hacker intercepts that cookie – among other criteria – they can subsequently gain access to the account and lock out the legitimate user.
The problem has only been seen on the iOS version, and its unclear if the Android version shares the same flaw.